We are planning to disable http port for external access. But in our product internally we are using http://localhost to call rest service. When we disable http, our product is breaking. Hence need to allow only http://localhost.